In the General tab, you can set up many options such as Save downloaded files to: and Open "safe" files after downloading.

CERT/CC recommends that you save downloaded files to a temporary folder that you create for downloading files.

For security reasons, be sure to uncheck the Open "safe" files after downloading option.

Move next to the AutoFill tab to select what types of forms your browser will fill in automatically.

In general, CERT/CC recommends against using AutoFill features because if someone can gain access to your computer, or to the data files, then the AutoFill feature may permit them even easier access to other sites that they would not otherwise have the ability to access.

However, if used with appropriate protective measures, it may be acceptable to enable AutoFill.

On the Mac, use filesystem encryption software such as OS X FileVault to provide additional security for files that reside your home directory.

The Security tab includes the most important settings to help reduce the risk of drive-by downloads.

The Web Content section permits you to enable or disable various forms of scripting and active content. CERT/CC recommends disabling the first three options in this section, and only enabling them when you require the functionality of these features.

You should select the Block Pop-up Windows to prevent sites from opening another window through the use of scripting, or active content. However, be aware that while pop-up windows are often associated with advertisements, some sites may attempt to display content relevant to your usage of the site in a new window. Setting this option may therefore disable the functionality of some sites.

Use Safari without plug-ins and Java by disabling the options Enable plug-ins and Enable Java.

It is also safer to disable JavaScript. However, many web sites require JavaScript for proper operation.

You can also disable cookies and view or remove cookies that have been set.

CERT/CC recommends disabling cookies and enabling them only when you visit a site that requires their use. At this point, you should determine if the site is trustworthy (i.e., contains no malicious content and is securely designed) and determine whether you want to allow cookies to access the site’s content. After you are finished visiting the site, we recommend disabling cookies until you need to access a site that requires cookies.

You can limit cookies to the sites that you navigate to by selecting the option Only from sites you navigate to. This will permit sites that you visit to set cookies, but not third-party sites. Finally, we recommend selecting the Ask before sending a non-secure form to a secure website option. This will alert you when data is sent to a secure web site over an insecure channel.

Source: CERT/CC.

Safari (on Mac and Windows) offers a feature called Private Browsing.

You can turn this on via the Edit drop-down on Windows or from Safari on the Mac.

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem...
Full Bio

Disclosure

The most important disclosure is of my employment with Kaspersky Lab as a member of the global research and analysis team. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.